public void LoadsDescriptionsOfCredentialsInToViewModel() { // Arrange var fakes = Get <Fakes>(); var user = fakes.CreateUser( "test", CredentialBuilder.CreatePbkdf2Password("hunter2"), CredentialBuilder.CreateV1ApiKey(Guid.NewGuid(), Fakes.ExpirationForApiKeyV1), CredentialBuilder.CreateExternalCredential("MicrosoftAccount", "blarg", "Bloog")); var controller = GetController <UsersController>(); controller.SetCurrentUser(user); // Act var result = controller.Account(); // Assert var model = ResultAssert.IsView <AccountViewModel>(result, viewName: "Account"); var descs = model.Credentials.ToDictionary(c => c.Kind); // Should only be one of each kind Assert.Equal(3, descs.Count); Assert.Equal(Strings.CredentialType_Password, descs[CredentialKind.Password].TypeCaption); Assert.Equal(Strings.CredentialType_ApiKey, descs[CredentialKind.Token].TypeCaption); Assert.Equal(Strings.MicrosoftAccount_Caption, descs[CredentialKind.External].TypeCaption); }
public virtual async Task <ActionResult> GenerateApiKey(int?expirationInDays) { // Get the user var user = GetCurrentUser(); // Generate an API Key var apiKey = Guid.NewGuid(); // Set expiration var expiration = TimeSpan.Zero; if (Config.ExpirationInDaysForApiKeyV1 > 0) { expiration = TimeSpan.FromDays(Config.ExpirationInDaysForApiKeyV1); if (expirationInDays.HasValue && expirationInDays.Value > 0) { expiration = TimeSpan.FromDays(Math.Min(expirationInDays.Value, Config.ExpirationInDaysForApiKeyV1)); } } // Add/Replace the API Key credential, and save to the database TempData["Message"] = Strings.ApiKeyReset; await AuthService.ReplaceCredential(user, CredentialBuilder.CreateV1ApiKey(apiKey, expiration)); return(RedirectToAction("Account")); }
public void WillUseApiKeyInCredentialIfPresent() { var apiKey = Guid.NewGuid(); var controller = GetController <UsersController>(); controller.SetUser("user"); GetMock <IUserService>() .Setup(s => s.FindByUsername("user")) .Returns(new User { Key = 42, ApiKey = Guid.NewGuid(), Credentials = new List <Credential>() { CredentialBuilder.CreateV1ApiKey(apiKey) } }); GetMock <ICuratedFeedService>() .Setup(stub => stub.GetFeedsForManager(42)) .Returns(new[] { new CuratedFeed { Name = "theCuratedFeed" } }); // act var result = controller.Account(); // verify var model = ResultAssert.IsView <AccountViewModel>(result); Assert.Equal(apiKey.ToString().ToLowerInvariant(), model.ApiKey); }
public virtual User Create( string username, string password, string emailAddress) { // TODO: validate input // TODO: consider encrypting email address with a public key, and having the background process that send messages have the private key to decrypt var existingUser = FindByUsername(username); if (existingUser != null) { throw new EntityException(Strings.UsernameNotAvailable, username); } var existingUsers = FindAllByEmailAddress(emailAddress); if (existingUsers.AnySafe()) { throw new EntityException(Strings.EmailAddressBeingUsed, emailAddress); } var hashedPassword = Crypto.GenerateSaltedHash(password, Constants.PBKDF2HashAlgorithmId); var apiKey = Guid.NewGuid(); var newUser = new User(username) { ApiKey = apiKey, EmailAllowed = true, UnconfirmedEmailAddress = emailAddress, EmailConfirmationToken = Crypto.GenerateToken(), HashedPassword = hashedPassword, PasswordHashAlgorithm = Constants.PBKDF2HashAlgorithmId, CreatedUtc = DateTime.UtcNow, Roles = new List <Role> { RoleRepository.GetEntity(2) } }; // Add a credential for the password and the API Key newUser.Credentials.Add(CredentialBuilder.CreateV1ApiKey(apiKey)); newUser.Credentials.Add(new Credential(CredentialTypes.Password.Pbkdf2, newUser.HashedPassword)); if (!Config.ConfirmEmailAddresses) { newUser.ConfirmEmailAddress(); } newUser.Roles.Add(RoleRepository.GetEntity(2)); UserRepository.InsertOnCommit(newUser); UserRepository.CommitChanges(); return(newUser); }
public virtual async Task <ActionResult> GenerateApiKey() { // Get the user var user = GetCurrentUser(); // Generate an API Key var apiKey = Guid.NewGuid(); // Add/Replace the API Key credential, and save to the database TempData["Message"] = Strings.ApiKeyReset; await AuthService.ReplaceCredential(user, CredentialBuilder.CreateV1ApiKey(apiKey)); return(RedirectToAction("Account")); }
public virtual ActionResult GenerateApiKey() { // Get the user var user = UserService.FindByUsername(User.Identity.Name); // Generate an API Key var apiKey = Guid.NewGuid(); // Set the existing API Key field user.ApiKey = apiKey; // Add/Replace the API Key credential, and save to the database UserService.ReplaceCredential(user, CredentialBuilder.CreateV1ApiKey(apiKey)); return(RedirectToAction(MVC.Users.Account())); }